For obvious reasons, I recommend the rsyslog Windows Agent ;-) https://www.rsyslog.com/windows-agent/
Rainer El lun., 24 ago. 2020 a las 16:17, Peter Viskup via rsyslog (<[email protected]>) escribió: > > Does anyone have experience of handling WEC messages from Windows clients > in (r)syslog infrastructure? > The standard way is to install some Windows syslog agent which forwards > Windows events to syslog infrastructure. What Windows syslog agent do you > use? > > Might be interesting to see something like the imwec module. > https://docs.microsoft.com/en-us/windows/win32/wec/using-windows-event-collector > The same way the syslog-ng PE implemented it. > https://support.oneidentity.com/technical-documents/syslog-ng-premium-edition/7.0.17/windows-event-collector-administration-guide/log > They switch from developing Windows Syslog agent to WEC input module for > syslog-ng server which I find the best way of handling this type of data > flow. > > -- > Peter > _______________________________________________ > rsyslog mailing list > https://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
